483 matches found
CVE-2024-56915
Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56916
A cross-site scripting flaw was found in Netbox. An attacker with an authenticated account on the system can add malicious Javascript code to a banner field and potentially execute this code in the context of another user's session. Mitigation Mitigation for this issue is either not available or...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
A Cross-site scripting flaw was found in Netbox. This flaw allows an attacker with an account on the system to exfiltrate user data from the login form. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteri...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
PT-2025-26771 · Unknown · Netbox Community
Name of the Vulnerable Software and Affected Versions: Netbox Community version 4.1.7 Description: The issue is related to Cross Site Scripting XSS via the maintenance banner in maintenance mode. This allows for potential malicious script execution. No information is provided about the estimated...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
Netbox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from NetBox Community. A security vulnerability exists in Netbox Community version 4.1.7, which stems from unfiltered user input in the current value field in Configuration...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56916
CVE-2024-56916 (NetBox Community 4.1.7) is a cross-site scripting (XSS) vulnerability in the Configuration History > Add feature, caused by the current value field rendering user-supplied HTML. An authenticated attacker can inject malicious JavaScript into the banner field, and the payload tri...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
PT-2025-26761 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox Community version 4.1.7 Description: In Netbox Community, once authenticated, the Configuration History Add option is vulnerable to cross-site scripting XSS due to the current value field rendering user-supplied HTML. An authenticated...
Netbox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in Netbox version 4.1.7, which stems from a flaw in the login page that could lead to a cross-site scripting attack...
CVE-2024-56918
CVE-2024-56918 affects Netbox Community 4.1.7, with a login-page cross-site scripting (XSS) vulnerability that can exfiltrate privileged, authenticated user input from the login form. The documents do not provide concrete exploit details or a confirmed patch version. Some entries reference mitiga...